<?php
@header('Content-type: text/html;charset=UTF-8');
require_once('bookmark_sum.php');
do_html_change_password();
session_start();
//do_html_change_password();
@$old_password=$_POST['old'];
@$new_password=$_POST['new1'];
@$new_password2=$_POST['new2'];
if ($old_password!=""&&$new_password2!=""&&$new_password!="") {
	try{
		if (check_password($old_password)&&check_password($new_password2)&&check_password($new_password)) {
			$conn=db_connect();
			$query_result=$conn->query("select passwd from user where username='".$_SESSION['valid_user']."'");
			if ($query_result->num_rows==1) {
				$row=$query_result->fetch_array(MYSQLI_NUM);
				if (@$row[0]!=$new_password&&$new_password==$new_password2) {
					$query_result=$conn->query("update user set passwd='".$new_password."' where username='".$_SESSION['valid_user']."'");
					if ($query_result) {
						log_out();
						echo '<script type="text/javascript"> alert("密码修改成功，请重新登陆");location.href="login.php";</script>';
					}
					else{
					echo '<script type="text/javascript"> alert("密码修改失败！");</script>';
					}
				}
				else{
					echo '<script type="text/javascript"> alert("修改密码失败！");</script>';
				}
			} 
			else{
				echo '<script type="text/javascript"> alert("修改密码失败！");</script>';
			}
		}
		else{
			throw new Exception("修改密码失败！", 6);
		}
	}
	catch(Exception $e){
	printf($e->getMessage());
	}
}
?>